Previously we allowed unreachable returns to be skipped.
This won't work if we strictly follow the spec.
BUG=None
TEST=Manual against more strict wasm validation
R=titzer@chromium.org,rossberg@chromium.org
Review-Url: https://codereview.chromium.org/2668873003
Cr-Commit-Position: refs/heads/master@{#42833}
Throw a syntax error on "new import(1)" expression. Adds a new error msg as well.
BUG=v8:5785
Review-Url: https://codereview.chromium.org/2661113002
Cr-Commit-Position: refs/heads/master@{#42827}
Also updated some tests due to the change. The general pattern is when a
trailing comma is expected to cause a SyntaxError, an additional comma was
added.
BUG=v8:5051
CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel
Review-Url: https://codereview.chromium.org/2638513002
Cr-Commit-Position: refs/heads/master@{#42826}
If hidden scopes are ignored, the scopes and variable produced by the PreParser
already matched the scopes and variables produced by the Parser.
BUG=v8:5516
R=vogelheim@chromium.org
Review-Url: https://codereview.chromium.org/2663043003
Cr-Commit-Position: refs/heads/master@{#42824}
Rewrites import expression into a runtime call. Uses peekahead to
determine if parsing an import declaration or import expression.
The runtime call doesn't actually do the import yet, will be added in
follow on patch.
Adds a new --harmony-dynamic-import flag.
Adds a ignore_error_msg parameter to the test runner to ignore the
discrepancy in the error messages while parsing import expression with
parser and pre parser. This discrepancy will actually never happen in
real code.
BUG=v8:5785
Review-Url: https://codereview.chromium.org/2661933003
Cr-Commit-Position: refs/heads/master@{#42820}
Port 56429fc146
Original Commit Message:
Introduced MachineType::TaggedSigned() and TaggedPointer().
The idea is to quit using the representational dimension of Type, and
instead encode this information in the MachineRepresentation (itself
lightly wrapped in MachineType, along with MachineSemantic).
There are three parts to the whole change:
1) Places that set the machine representation - constant nodes, loads nad
stores, global object and native context specialization.
2) Places that propagate type/representation - this is representation
inference (aka simplified lowering). At the end of this process we
expect to have a MachineRepresentation for every node. An interesting
part of this is phi merging.
3) Places that examine representation - WriteBarrier elimination does this.
Currently it's looking at the Type representation dimension, but as
a part of this change (or in a soon-to-follow change) it can simply
examine the MachineRepresentation.
R=mvstanton@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2662223003
Cr-Commit-Position: refs/heads/master@{#42817}
Reason for revert:
Causes test timeouts.
Original issue's description:
> [Test] Do a set number of runs to trigger optimisation for SuperSpread.
>
> BUG=v8:5895
>
> Review-Url: https://codereview.chromium.org/2669523002
> Cr-Commit-Position: refs/heads/master@{#42811}
> Committed: d4c22c3084TBR=bmeurer@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=v8:5895
Review-Url: https://codereview.chromium.org/2669553002
Cr-Commit-Position: refs/heads/master@{#42812}
The KeyedStoreMode that we get out of the FeedbackNexus doesn't
necessarily need to apply when we have "static knowledge" about
the receiver, i.e. when the receiver is a known JSTypedArray, but
the KEYED_STORE_IC has seen only JSArray instances so far. The
DCHECK was too restrictive in this case, since we can just ignore
the KEYED_STORE_IC mode (like we ignore the maps).
BUG=chromium:685050
R=ishell@chromium.org
Review-Url: https://codereview.chromium.org/2668643002
Cr-Commit-Position: refs/heads/master@{#42810}
We were missing a case for Tagged->TaggedSigned conversions when the
input type is known to be Type::SignedSmall.
BUG=chromium:687029
R=jarin@chromium.org
Review-Url: https://codereview.chromium.org/2666863002
Cr-Commit-Position: refs/heads/master@{#42809}
These counters were used during the initial implementation to gather
statistics about comparative effectiveness of the two escape analysis
approaches in practice. The counters are not thread-safe and cannot be
used for the analysis any longer as it is now running off main thread.
We deprecate the counters in question in favor of maintaining deferred
statistics until the need for such statistics arises again.
R=bmeurer@chromium.org
BUG=chromium:685942
Review-Url: https://codereview.chromium.org/2667453003
Cr-Commit-Position: refs/heads/master@{#42808}
We cannot eliminate unused CheckFloat64Hole nodes, since loading from a
holey array can have side-effects, i.e. triggering getters in the
prototype chain.
R=mvstanton@chromium.org
BUG=chromium:686737
Review-Url: https://codereview.chromium.org/2665123002
Cr-Commit-Position: refs/heads/master@{#42806}
This is essentially a port of http://crrev.com/2403003002 to TurboFan,
adding support for fast access to JSGlobalObject properties through the
current native contexts' JSGlobalProxy.
It's a slightly bigger change, since JSNativeContextSpecialization and
JSGlobalObjectSpecialization needs merging for this to work, as due to
different type feedback layout we cannot just turn a JSLoadNamed into
JSLoadGlobal operator (and same for JSStoreNamed vs. JSStoreGlobal).
This part of the change is mostly mechanical.
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_chromium_rel_ng
R=ishell@chromium.org, jochen@chromium.org
BUG=chromium:634276,v8:5267
Review-Url: https://codereview.chromium.org/2664853002
Cr-Commit-Position: refs/heads/master@{#42805}
Dealing with this case requires a wire format change. It is possible that an
element can be absent even in an array where the dense format was chosen
(because the array initially had no holes), if the elements are modified while
they are being serialized. In this case, a new tag for the "hole" is emitted.
The logic to treat undefined in dense arrays as an absent property is restricted
to versions of the wire format that this tag did not exist.
BUG=chromium:686159,chromium:665820
Review-Url: https://codereview.chromium.org/2660093002
Cr-Original-Commit-Position: refs/heads/master@{#42784}
Committed: dc85f4c833
Review-Url: https://codereview.chromium.org/2660093002
Cr-Commit-Position: refs/heads/master@{#42800}
This groups together all the promise related runtime functions.
BUG=v8:5343
Review-Url: https://codereview.chromium.org/2665983002
Cr-Commit-Position: refs/heads/master@{#42798}
The spec for String.split() requires loading "separator[@@split]".
The KeyedLoadIC for this goes generic right away, but still requires
a runtime call. To avoid that, reshuffle checks in the generic stub
and do the primitive-string -> String-function translation inline.
Review-Url: https://codereview.chromium.org/2654893003
Cr-Commit-Position: refs/heads/master@{#42797}
The existing unit test explicitly checked for this case, but was - under
the right circumstances - defeated by the optimization to not re-run the
whole position search if we were close enough.
BUG=chromium:685618
Review-Url: https://codereview.chromium.org/2663883002
Cr-Commit-Position: refs/heads/master@{#42794}
Port ca8d3ba718
Original Commit Message:
Original commit message:
[wasm] Introduce the TrapIf and TrapUnless operators to generate trap code.
Some instructions in WebAssembly trap for some inputs, which means that the
execution is terminated and (at least at the moment) a JavaScript exception is
thrown. Examples for traps are out-of-bounds memory accesses, or integer
divisions by zero.
Without the TrapIf and TrapUnless operators trap check in WebAssembly introduces 5
TurboFan nodes (branch, if_true, if_false, trap-reason constant, trap-position
constant), in addition to the trap condition itself. Additionally, each
WebAssembly function has four TurboFan nodes (merge, effect_phi, 2 phis) whose
number of inputs is linear to the number of trap checks in the function.
Especially for functions with high numbers of trap checks we observe a
significant slowdown in compilation time, down to 0.22 MiB/s in the sqlite
benchmark instead of the average of 3 MiB/s in other benchmarks. By introducing
a TrapIf common operator only a single node is necessary per trap check, in
addition to the trap condition. Also the nodes which are shared between trap
checks (merge, effect_phi, 2 phis) would disappear. First measurements suggest a
speedup of 30-50% on average.
This CL only implements TrapIf and TrapUnless on x64. The implementation is also
hidden behind the --wasm-trap-if flag.
Please take a special look at how the source position is transfered from the
instruction selector to the code generator, and at the context that is used for
the runtime call.
R=ahaas@chromium.org, titzer@chromium.org, joransiu@ca.ibm.com, jyan@ca.ibm.com, michael_dawson@ca.ibm.com
BUG=
LOG=N
Review-Url: https://codereview.chromium.org/2666433002
Cr-Commit-Position: refs/heads/master@{#42793}
The bug used to show up when
- we were streaming a script starting with 0xef 0xbb 0xbf
- we aborted preparsing a function (and reset to a bookmark)
BUG=chromium:685618
Review-Url: https://codereview.chromium.org/2663773002
Cr-Commit-Position: refs/heads/master@{#42790}
Reason for revert:
Seems to break layout tests:
https://build.chromium.org/p/client.v8.fyi/builders/V8-Blink%20Linux%2064/builds/13146https://github.com/v8/v8/wiki/Blink-layout-tests
Original issue's description:
> ValueSerializer: Distinguish between 'undefined' and an absent property.
>
> Dealing with this case requires a wire format change. It is possible that an
> element can be absent even in an array where the dense format was chosen
> (because the array initially had no holes), if the elements are modified while
> they are being serialized. In this case, a new tag for the "hole" is emitted.
>
> The logic to treat undefined in dense arrays as an absent property is restricted
> to versions of the wire format that this tag did not exist.
>
> BUG=chromium:686159,chromium:665820
>
> Review-Url: https://codereview.chromium.org/2660093002
> Cr-Commit-Position: refs/heads/master@{#42784}
> Committed: dc85f4c833TBR=jkummerow@chromium.org,jbroman@chromium.org
# Skipping CQ checks because original CL landed less than 1 days ago.
NOPRESUBMIT=true
NOTREECHECKS=true
NOTRY=true
BUG=chromium:686159,chromium:665820
Review-Url: https://codereview.chromium.org/2667553003
Cr-Commit-Position: refs/heads/master@{#42788}
